WO2008016746A2 - Identity verification using location over time information - Google Patents

Identity verification using location over time information Download PDF

Info

Publication number
WO2008016746A2
WO2008016746A2 PCT/US2007/070696 US2007070696W WO2008016746A2 WO 2008016746 A2 WO2008016746 A2 WO 2008016746A2 US 2007070696 W US2007070696 W US 2007070696W WO 2008016746 A2 WO2008016746 A2 WO 2008016746A2
Authority
WO
WIPO (PCT)
Prior art keywords
mobile device
user
routes
accordance
location
Prior art date
Application number
PCT/US2007/070696
Other languages
French (fr)
Other versions
WO2008016746A8 (en
WO2008016746A3 (en
Inventor
Douglas A. Kuhlman
Yi Q Li
Larry C. Puhl
Original Assignee
Motorola, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Motorola, Inc. filed Critical Motorola, Inc.
Priority to BRPI0714791A priority Critical patent/BRPI0714791A8/en
Priority to CN2007800287974A priority patent/CN101496427B/en
Priority to EP07798277A priority patent/EP2055130B1/en
Publication of WO2008016746A2 publication Critical patent/WO2008016746A2/en
Publication of WO2008016746A3 publication Critical patent/WO2008016746A3/en
Publication of WO2008016746A8 publication Critical patent/WO2008016746A8/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/082Access security using revocation of authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/024Guidance services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/029Location-based management or tracking services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/02Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
    • H04W8/08Mobility data transfer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information

Definitions

  • biometrics e.g., fingerprint, voice, hand geometric, etc.
  • behavioral biometrics e.g., signature, keystroke pattern, etc.
  • a passive means of biometric verification capable of operating in the background is needed.
  • One approach to passive identification is the use of location at the time of access, in addition to a person's purchase behavior, as a means to detect identity fraud. This is the way credit card companies often monitor their customer's buying habits.
  • Data about credit card users are often collected from the information submitted by the merchants as part of the payment approval process.
  • the collected information is typically stored in some infrastructure and analyzed for unusual activities over a period of time (to detect fraud/theft).
  • the above method utilized by credit card companies to deter identity fraud is not well suited to identity management use cases in the mobile environment, which typically involve user identification before a transaction.
  • the remote collection of data on a user raises privacy concerns, as the user has no control over what data is collected and when.
  • a further approach uses time and location of access as part of its determination of access rules. However, this approach only uses the actual time/location of the log- in as part of the identity management and user authentication process.
  • FIG. 1 is an exemplary plot showing location over time.
  • FIG. 2 is a flow chart of a method for user verification consistent with certain embodiments of the invention.
  • FIG. 3 is a block diagram of a system for user verification consistent with certain embodiments of the invention.
  • the present invention relates to identity verification using location over time information. Continual verification of a user's identity is facilitated by tracking the user's movements over time using a mobile device. It is recognized that there is a high degree of regularity in the location and timing aspects of the activities of individuals during their daily lives. For example, on a typical work day, an office worker starts from his house for work near a certain time in the morning, and travels a certain route, with small variations. Within some interval, he arrives at work at roughly the same time each day. Assuming no exceptional circumstances, he leaves the office for home in the evening, and gets there, at around the same time every day.
  • the verification device would implement a scoring system which assigns more weight to critical locations such as a person's home and workplace. Consequently, an adversary must gain access to these locations, in addition to obtaining possession of the verification device, in order to defeat the system.
  • a mobile device builds a higher level of confidence in its user's identity by tracking the user's movements over time. Thus, it can potentially eliminate the user's need to re-authenticate every time he requires access to valuable services or contents. Furthermore, the sensitive information on a user's whereabouts is collected and stored locally in the device. This helps to protect the
  • GPS is just one of many ways of determining location.
  • Other possible means include, but not limited to, reverse RF triangulation (e.g., using E-OTD to locally calculate location on a mobile device) and contact with fixed, short-range wireless access points.
  • the approach is applicable to any mobile device, such as a cellular telephone, a PDA, a portable email device, or a 95 portable computer, that has cellular connectivity and/or proximity network capabilities (e.g., 802. Hx, Bluetooth, etc.).
  • FIG. 1 is an exemplary plot showing location over time.
  • a single location dimension is shown, but 2 or 3 dimensions of location may be monitored by the device.
  • FIG. 1 shows three plots, 102, 104 and 106, corresponding
  • routes 102 and 104 originate at the user's home, move to the user's place of work, and then returns to the user's home.
  • Route 106 shows a route that is a variation from the routine. This route returns from the user's work to the user's home via a shop and a gas station. Also shown in FIG. 1 are the locations and time of network access by the user. These are
  • route or sub-route end-points may be given higher importance than to details of the route itself, since the user may vary the route.
  • the second half of route 106 in FIG. 1 begins at the user's work and ends at the user's home, even though the usual route is not taken. There is a high probability that it is the user that is making this trip, rather than someone who has gained unauthorized access to
  • a characteristic feature may be a start or end location of a route, a particular sequence of locations, or a particular combination of
  • Home and work locations are highly characteristic of the user.
  • a commonly visited gas station may also be characteristic, but would be assigned a lower weighting than the more personal locations.
  • FIG. 2 is a flow chart of a method for user verification consistent with certain embodiments of the invention. Following start block 202 in FIG. 2, the
  • the device 130 location of a user's device is recorded over time, as depicted in block 204.
  • This information is stored on the device to minimize privacy concerns.
  • the information may be encrypted to prevent unauthorized access to the information should the device be lost or stolen.
  • the device identifies characteristic features of the routes traveled by the device. These may include the routes taken, the frequency and
  • weightings are applied to the route characteristic features. These weightings may, for example, indicate a relative probability that it is the user who has traversed the route. Weightings may also indicate the variance or surety of the route/user match.
  • the degree of match between the most recent route (the user's location over recent time) and a stored route is quantified as a match score at block 212.
  • the most recent routine may be the route by which the user arrived
  • the match score may be output at block 214 for use by other applications wishing to obtain identity information, some of which may put more or less trust in the user verification method utilizing location over time information. In one embodiment, flow continues to
  • decision block 216 If no identity verification is requested, as depicted by the negative branch from decision block 210, the device continues to track location. At decision block 216, the match score of the most recent route is checked to see if this route is commonly used by the user. If the match score is above a prescribed threshold for the operation being requested, as determined by the positive branch from
  • the user's identity is verified and the operation may proceed.
  • the user is prompted for additional information at block 218. If the additional information is sufficient to authenticate the user, the user's identity is verified at block 220 and the operation may proceed.
  • operation of the mobile device may be limited until the user's identity can be verified by another method.
  • the user may be prompted (once per day, for example) to enter a password, or equivalent, to enable updating of location tracking. This prevents the device from adapting to the routes of an unauthorized user.
  • the user may also enter location and time information to the mobile device, after being authenticated by the device. For example, the user may enter home and work locations together with corresponding time information. The user may also pre-enter information about a location to be visited. Similarly, the user may select from travel information that was previously collected by the mobile device.
  • FIG. 3 is a block diagram of a system operable to perform user identity verification using location over time information.
  • the mobile device 300 includes a positioning unit 302 for identifying the location of the mobile device over time to obtain a current route and a number of previous routes.
  • the mobile device 300 also includes a processor 304 that is operable to identify characteristic features of the
  • the processor compares one or more features of the current route to the characteristic features of previous routes. The identity is verified if the one or more features of the current route match with characteristic features of the previous routes.
  • the positioning unit may be, for
  • GPS Global Positioning System
  • radio frequency positioning unit that determines distances to fixed access points and uses triangulation to determine the location of the mobile device.
  • the mobile device may also include a communication circuit 308 to allow access to a remote device 310 using a wireless or wired communication link 312.
  • processor 304 is operable to verify the identity of a user when access to the remote device 310 is desired.
  • the characteristic features of the previous routes may be stored on the mobile device or on a remote device that is accessible to the mobile device.
  • the remote device may be, for example, a user's home computer.
  • the mobile device may be, for example, a cellular telephone, personal digital assistant, pager, portable computer, two-way radio, or a device in an automobile or other vehicle.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Navigation (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The identity of a user of a mobile device (300) is verified (220) by the mobile device accessing the location of the mobile device over recent time to obtain a current route, comparing (212) a feature of the current route to characteristic features of previous routes stored on the mobile device. The user is verified if the feature of the current route matches a characteristic feature of previous routes. The previous routes may be obtained by tracking the location of the mobile device over time to obtain a number of routes, identifying characteristic features of the routes, and storing the characteristic features of the routes.

Description

IDENTITY VERIFICATION USING LOCATION OVER TIME
INFORMATION
BACKGROUND
[0001] In many forms of electronic transactions, it is necessary for a device to verify a user's identity. While humans are extremely good at identifying other humans through physical characteristics and behaviors, devices are not nearly as good. Devices typically rely on a user-name/password scheme. This is a good scheme in many ways, but it puts a significant burden on the user (e.g., having to remember and manage passwords for different accounts). Additionally, passwords are not truly suited for identification, as they can be easily shared. Shared passwords are almost impossible to detect, but they do not provide a true user identification to the level desired for many applications (e-commerce, user-based DRM, etc.). Physical tokens (e.g. keys) are also a good way to gain access, but they do not necessarily prove identity. Some newer laptop computers include fingerprint sensors to aid in determining whether the proper user is trying to access the system.
Currently, most of the identity management mechanisms based on physical biometrics (e.g., fingerprint, voice, hand geometric, etc.) and behavioral biometrics (e.g., signature, keystroke pattern, etc.) require the user to perform some explicit action in order to establish and/or verify their identity. For example, a user must utter some predetermined phrase when a voice recognition system is used. However, in order to provide the user with a more seamless experience, a passive means of biometric verification capable of operating in the background is needed. [0002] One approach to passive identification, for example, is the use of location at the time of access, in addition to a person's purchase behavior, as a means to detect identity fraud. This is the way credit card companies often monitor their customer's buying habits. Data about credit card users are often collected from the information submitted by the merchants as part of the payment approval process. The collected information is typically stored in some infrastructure and analyzed for unusual activities over a period of time (to detect fraud/theft). The above method utilized by credit card companies to deter identity fraud is not well suited to identity management use cases in the mobile environment, which typically involve user identification before a transaction. Furthermore, the remote collection of data on a user raises privacy concerns, as the user has no control over what data is collected and when.
[0003] A further approach uses time and location of access as part of its determination of access rules. However, this approach only uses the actual time/location of the log- in as part of the identity management and user authentication process.
BRIEF DESCRIPTION OF THE DRAWINGS
[0004] The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself, however, as well as the preferred mode of use, and further objects and advantages thereof, will best be understood by reference to the following detailed description of an illustrative embodiment when read in conjunction with the accompanying drawing(s), wherein:
[0005] FIG. 1 is an exemplary plot showing location over time. [0006] FIG. 2 is a flow chart of a method for user verification consistent with certain embodiments of the invention.
[0007] FIG. 3 is a block diagram of a system for user verification consistent with certain embodiments of the invention.
DETAILED DESCRIPTION [0008] While this invention is susceptible of embodiment in many different forms, there is shown in the drawings and will herein be described in detail one or more specific embodiments, with the understanding that the present disclosure is to be considered as exemplary of the principles of the invention and not intended to limit the invention to the specific embodiments shown and described. In the description below, like reference numerals are used to describe the same, similar or corresponding parts in the several views of the drawings.
[0009] The present invention relates to identity verification using location over time information. Continual verification of a user's identity is facilitated by tracking the user's movements over time using a mobile device. It is recognized that there is a high degree of regularity in the location and timing aspects of the activities of individuals during their daily lives. For example, on a typical work day, an office worker starts from his house for work near a certain time in the morning, and travels a certain route, with small variations. Within some interval, he arrives at work at roughly the same time each day. Assuming no exceptional circumstances, he leaves the office for home in the evening, and gets there, at around the same time every day.
[0010] In addition to exhibiting only slight variations in their daily whereabouts, some combinations of locations visited are unique to an individual. For example, it is unlikely that two workers in the same office will reside in the same home. It is also unlikely that two family members share the same exact workplace. [0011] Other aspects of a person's movement patterns, however, may not be so regular or unique. This can be seen in the event that a driver deviates from his normal route when he encounters a traffic jam. Thus, some timings and locations deserve more emphasis than others in the ongoing verification of a person's identity. To determine whether a user's identity has been maintained throughout some time
75 interval (e.g., during the course of a day), the verification device would implement a scoring system which assigns more weight to critical locations such as a person's home and workplace. Consequently, an adversary must gain access to these locations, in addition to obtaining possession of the verification device, in order to defeat the system.
80 [0012] In one embodiment, a mobile device builds a higher level of confidence in its user's identity by tracking the user's movements over time. Thus, it can potentially eliminate the user's need to re-authenticate every time he requires access to valuable services or contents. Furthermore, the sensitive information on a user's whereabouts is collected and stored locally in the device. This helps to protect the
85 user's privacy by providing him with control over what information is collected and when. It is also noted that it is unlikely that tracking location over time would be used as the sole means of user authentication. Tracking location over time may be used to supplement other authentication mechanisms.
[0013] The approach has application in any GPS-capable device that needs to
90 authenticate the user. However, GPS is just one of many ways of determining location. Other possible means include, but not limited to, reverse RF triangulation (e.g., using E-OTD to locally calculate location on a mobile device) and contact with fixed, short-range wireless access points. Thus, the approach is applicable to any mobile device, such as a cellular telephone, a PDA, a portable email device, or a 95 portable computer, that has cellular connectivity and/or proximity network capabilities (e.g., 802. Hx, Bluetooth, etc.).
[0014] FIG. 1 is an exemplary plot showing location over time. In FIG. 1, a single location dimension is shown, but 2 or 3 dimensions of location may be monitored by the device. FIG. 1 shows three plots, 102, 104 and 106, corresponding
100 to routes traversed over three consecutive days. For example, routes 102 and 104 originate at the user's home, move to the user's place of work, and then returns to the user's home. Route 106 shows a route that is a variation from the routine. This route returns from the user's work to the user's home via a shop and a gas station. Also shown in FIG. 1 are the locations and time of network access by the user. These are
105 depicted by the circles 108, 110, 112, 114, 116 and 118. It is apparent that considerably more information is contained in the full route 106 than is contained in the access location alone. Consequently, location over time provides more reliable user verification information than access locations alone.
[0015] In FIG. 1, the routes 102 and 104 do not align exactly in time, because of
110 variation in the user's schedule and traffic conditions, for example. However, established signal processing techniques known to those of ordinary skill in the art may be used to time-align the routes. Vector clustering or other techniques may be used to identify common routes. Pattern matching techniques may be used to compare a current route to the stored routes.
115 [0016] Higher importance may be given to route or sub-route end-points than to details of the route itself, since the user may vary the route. For example, the second half of route 106 in FIG. 1 begins at the user's work and ends at the user's home, even though the usual route is not taken. There is a high probability that it is the user that is making this trip, rather than someone who has gained unauthorized access to
120 the user's device.
[0017] In general, features of the routes will be extracted from the route information. From these features, features that are deemed to be characteristic of the user are identified. For example, a characteristic feature may be a start or end location of a route, a particular sequence of locations, or a particular combination of
125 locations and times. Home and work locations are highly characteristic of the user. A commonly visited gas station may also be characteristic, but would be assigned a lower weighting than the more personal locations.
[0018] FIG. 2 is a flow chart of a method for user verification consistent with certain embodiments of the invention. Following start block 202 in FIG. 2, the
130 location of a user's device is recorded over time, as depicted in block 204. This information is stored on the device to minimize privacy concerns. The information may be encrypted to prevent unauthorized access to the information should the device be lost or stolen. At block 206, the device identifies characteristic features of the routes traveled by the device. These may include the routes taken, the frequency and
135 timing of those routes, the start and end positions of the routes, locations at which the user spends considerable time or locations the user visits often. At block 208, weightings are applied to the route characteristic features. These weightings may, for example, indicate a relative probability that it is the user who has traversed the route. Weightings may also indicate the variance or surety of the route/user match.
140 [0019] If the user requests an operation, such as a transaction or network access, that requires verification of the user's identity, as depicted by the positive branch from decision block 210, the degree of match between the most recent route (the user's location over recent time) and a stored route is quantified as a match score at block 212. For example, the most recent routine may be the route by which the user arrived
145 at his current location. Recent time is then taken to be the period of time from when the user departed for the current location to the present time. The match score may be output at block 214 for use by other applications wishing to obtain identity information, some of which may put more or less trust in the user verification method utilizing location over time information. In one embodiment, flow continues to
150 decision block 216. If no identity verification is requested, as depicted by the negative branch from decision block 210, the device continues to track location. At decision block 216, the match score of the most recent route is checked to see if this route is commonly used by the user. If the match score is above a prescribed threshold for the operation being requested, as determined by the positive branch from
155 decision block 216, the user's identity is verified and the operation may proceed.
Otherwise, as depicted by the negative branch from decision block 216, the user is prompted for additional information at block 218. If the additional information is sufficient to authenticate the user, the user's identity is verified at block 220 and the operation may proceed.
160 [0020] If a new route is detected, operation of the mobile device may be limited until the user's identity can be verified by another method.
[0021] The user may be prompted (once per day, for example) to enter a password, or equivalent, to enable updating of location tracking. This prevents the device from adapting to the routes of an unauthorized user.
165 [0022] The user may also enter location and time information to the mobile device, after being authenticated by the device. For example, the user may enter home and work locations together with corresponding time information. The user may also pre-enter information about a location to be visited. Similarly, the user may select from travel information that was previously collected by the mobile device.
170 [0023] FIG. 3 is a block diagram of a system operable to perform user identity verification using location over time information. The mobile device 300 includes a positioning unit 302 for identifying the location of the mobile device over time to obtain a current route and a number of previous routes. The mobile device 300 also includes a processor 304 that is operable to identify characteristic features of the
175 previous routes. These characteristic features are stored in a memory 306 in the device. When user identity verification is required, the processor compares one or more features of the current route to the characteristic features of previous routes. The identity is verified if the one or more features of the current route match with characteristic features of the previous routes. The positioning unit may be, for
180 example, a Global Positioning System (GPS) or a radio frequency positioning unit that determines distances to fixed access points and uses triangulation to determine the location of the mobile device.
[0024] The mobile device may also include a communication circuit 308 to allow access to a remote device 310 using a wireless or wired communication link 312. The
185 processor 304 is operable to verify the identity of a user when access to the remote device 310 is desired.
[0025] The characteristic features of the previous routes may be stored on the mobile device or on a remote device that is accessible to the mobile device. The remote device may be, for example, a user's home computer.
190 [0026] The present invention, as described in embodiments herein, is implemented using a programmed processor of a mobile device, executing programming instructions that are broadly described above in flow chart form that can be stored on any suitable electronic storage medium. However, those skilled in the art will appreciate that the processes described above can be implemented in any number
195 of variations and in many suitable programming languages without departing from the present invention. For example, the order of certain operations carried out can often be varied, additional operations, such as verification using additional techniques, can be added or operations can be deleted without departing from the invention. Such variations are contemplated and considered equivalent.
200 [0027] The mobile device may be, for example, a cellular telephone, personal digital assistant, pager, portable computer, two-way radio, or a device in an automobile or other vehicle.
[0028] While the invention has been described in conjunction with specific embodiments, it is evident that many alternatives, modifications, permutations and
205 variations will become apparent to those of ordinary skill in the art in light of the foregoing description. Accordingly, it is intended that the present invention embrace all such alternatives, modifications and variations as fall within the scope of the appended claims. What is claimed is:

Claims

210 L A method for verifying the identity of a user of a mobile device, the method comprising: determining the location of the mobile device over recent time to obtain a current route; comparing a feature of the current route to characteristic features of previous 215 routes; and verifying the user if the feature of the current route matches a characteristic feature of the previous routes.
2. A method in accordance with claim 1, further comprising: acquiring the location of the mobile device over time to obtain a plurality of routes; identifying characteristic features of the plurality of routes; and storing the characteristic features of the plurality of routes.
3. A method in accordance with claim 2, further comprising assigning weightings to the characteristic features.
4. A method in accordance with claim 2, further comprising the user controlling whether routes are stored.
5. A method in accordance with claim 1, wherein determining the location of the mobile device over time comprises recording location coordinates and times.
6. A mobile device operable to perform the method of claim 1
7. A method in accordance with claim 1, further comprising the user entering location and time information to the mobile device.
8. A method in accordance with claim 1, further comprising limiting operation of the mobile device if a new route is detected, until the user's identity is verified by another method.
9. A method in accordance with claim 1, wherein the characteristic features of previous routes are stored on the mobile device.
10. A method in accordance with claim 1, wherein the characteristic features of previous routes are stored on a remote device that is accessible to the mobile device.
11. A computer readable medium containing programming instructions that, when executed on a processor, perform the method of claim 1.
12. A mobile device comprising: a positioning unit for identifying the location of the mobile device at a plurality of times to obtain a current route and a plurality of previous routes; a processor operable to receive routes from the positioning unit and to identify characteristic features of the plurality of previous routes and to identity a feature of the current route; and a memory, coupled to the processor and operable to store the characteristic features of the plurality of previous routes, wherein the processor is further operable to compare the feature of the current route with the characteristic features of previous routes and wherein the identity of a user of the mobile device is verified if the feature of the current route matches a characteristic feature of the plurality of previous routes.
13. A mobile device in accordance with claim 12, wherein the positioning unit comprises a Global Positioning System (GPS).
14. A mobile device in accordance with claim 12, wherein the positioning unit comprises a radio frequency positioning unit.
15. A mobile device in accordance with claim 12, further comprising a wireless communication circuit operable to access a remote device, wherein the processor is operable to verify the identity of a user if the user attempts to access the remote device.
16. A mobile device operable to verify the identity of a user of the mobile device, the mobile device comprising: a means for determining the location of the mobile device over recent time to obtain a current route; and a means for comparing a feature of the current route to characteristic features of previous routes stored on the mobile device, wherein the identity of the user is verified if the feature of the current route matches a characteristic feature of previous routes.
17. A mobile device in accordance with claim 16, further comprising: a means for acquiring the location of the mobile device over time to obtain a plurality of routes; a means for identifying characteristic features of the plurality of routes; and a memory means for storing the characteristic features of the plurality of routes in the mobile device.
18. A mobile device in accordance with claim 17, further comprising an interface means for enabling the user to activate and deactivate the means for tracking the location of the mobile device over time.
19. A method for generating information to facilitate verification of the identity of a user of a mobile device, the method comprising: determining the location of the mobile device over recent time to obtain a current route; quantifying the degree of match between the current route and a previous route stored on the mobile device to generate a match score; and outputting the match score to facilitate verification of the identity of a user of a mobile device.
20. A method in accordance with claim 19, further comprising: acquiring the location of the mobile device over time to obtain a plurality of previous routes; storing the plurality of previous routes in the mobile device.
21. A method in accordance with claim 20, further comprising applying weightings to the plurality of previous routes, wherein the match score is at least partially dependent on the weighting.
22. A mobile device operable to perform the method of claim 21.
PCT/US2007/070696 2006-08-02 2007-06-08 Identity verification using location over time information WO2008016746A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
BRPI0714791A BRPI0714791A8 (en) 2006-08-02 2007-06-08 identity verification using weather information
CN2007800287974A CN101496427B (en) 2006-08-02 2007-06-08 Identity verification using location over time information
EP07798277A EP2055130B1 (en) 2006-08-02 2007-06-08 Identity verification using location over time information

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/461,922 US8364120B2 (en) 2006-08-02 2006-08-02 Identity verification using location over time information
US11/461,922 2006-08-02

Publications (3)

Publication Number Publication Date
WO2008016746A2 true WO2008016746A2 (en) 2008-02-07
WO2008016746A3 WO2008016746A3 (en) 2008-05-29
WO2008016746A8 WO2008016746A8 (en) 2009-04-02

Family

ID=38997751

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/070696 WO2008016746A2 (en) 2006-08-02 2007-06-08 Identity verification using location over time information

Country Status (6)

Country Link
US (1) US8364120B2 (en)
EP (1) EP2055130B1 (en)
KR (1) KR101392651B1 (en)
CN (1) CN101496427B (en)
BR (1) BRPI0714791A8 (en)
WO (1) WO2008016746A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011001026A1 (en) * 2009-06-29 2011-01-06 Elisa Oyj Authentication
EP2348438A1 (en) * 2009-12-21 2011-07-27 Intel Corporation Using trajectory for authentication
EP2953074A1 (en) * 2014-06-05 2015-12-09 Wipro Limited Method for providing real time guidance to a user and a system thereof

Families Citing this family (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100658152B1 (en) * 2006-03-27 2006-12-15 삼성전자주식회사 Mobile terminal and method for providing location information thereof
US10157422B2 (en) * 2007-05-10 2018-12-18 Allstate Insurance Company Road segment safety rating
US9932033B2 (en) * 2007-05-10 2018-04-03 Allstate Insurance Company Route risk mitigation
US8606512B1 (en) 2007-05-10 2013-12-10 Allstate Insurance Company Route risk mitigation
US10096038B2 (en) * 2007-05-10 2018-10-09 Allstate Insurance Company Road segment safety rating system
US8176159B2 (en) * 2007-08-16 2012-05-08 Avaya Inc. Habit-based authentication
US9071440B2 (en) * 2008-12-22 2015-06-30 Google Technology Holdings LLC Method and system of authenticating the identity of a user of a public computer terminal
US8961619B2 (en) * 2009-01-06 2015-02-24 Qualcomm Incorporated Location-based system permissions and adjustments at an electronic device
US8590021B2 (en) 2009-01-23 2013-11-19 Microsoft Corporation Passive security enforcement
US8321360B2 (en) 2009-10-22 2012-11-27 Symantec Corporation Method and system for weighting transactions in a fraud detection system
US8195664B2 (en) 2009-10-22 2012-06-05 Symantec Corporation Method and system for clustering transactions in a fraud detection system
US10467687B2 (en) * 2009-11-25 2019-11-05 Symantec Corporation Method and system for performing fraud detection for users with infrequent activity
US10339549B1 (en) 2010-03-23 2019-07-02 Amazon Technologies, Inc. Transaction bootstrapping to create relationships
US20110238476A1 (en) * 2010-03-23 2011-09-29 Michael Carr Location-based Coupons and Mobile Devices
US20120183270A1 (en) * 2011-01-14 2012-07-19 International Business Machines Corporation Webcam captcha
US9965768B1 (en) 2011-05-19 2018-05-08 Amazon Technologies, Inc. Location-based mobile advertising
US8800056B2 (en) * 2011-08-12 2014-08-05 Palo Alto Research Center Incorporated Guided implicit authentication
US8911507B1 (en) * 2011-11-22 2014-12-16 Symantec Corporation Systems and methods for mitigating mobile device loss
CN102647508B (en) * 2011-12-15 2016-12-07 中兴通讯股份有限公司 A kind of mobile terminal and method for identifying ID
US9641538B1 (en) * 2012-03-30 2017-05-02 EMC IP Holding Company LLC Authenticating an entity
US9405897B1 (en) * 2012-03-30 2016-08-02 Emc Corporation Authenticating an entity
US8863307B2 (en) * 2012-06-05 2014-10-14 Broadcom Corporation Authenticating users based upon an identity footprint
US9449178B2 (en) * 2012-07-24 2016-09-20 ID Insight System, method and computer product for fast and secure data searching
CN103581120B (en) * 2012-07-24 2018-04-20 阿里巴巴集团控股有限公司 A kind of method and apparatus for identifying consumer's risk
US8903657B2 (en) 2012-07-31 2014-12-02 Motorola Solutions, Inc. Systems and methods for correlating routes of mobile devices
CN103813267B (en) * 2012-11-14 2017-05-17 腾讯科技(深圳)有限公司 Sign in method and system
US8869306B2 (en) * 2013-01-24 2014-10-21 Bank Of America Corporation Application usage in device identification program
US10210482B2 (en) 2013-03-05 2019-02-19 Applied Underwriters, Inc. Location verification using networked client peripherals
US10719793B1 (en) 2013-03-05 2020-07-21 Applied Underwriters, Inc. Location confirmation using networked client peripherals
US9560027B1 (en) * 2013-03-28 2017-01-31 EMC IP Holding Company LLC User authentication
KR102079033B1 (en) * 2013-07-17 2020-04-07 삼성전자주식회사 Mobile terminal and method for controlling place recognition
US9336372B2 (en) 2013-10-28 2016-05-10 Tencent Technology (Shenzhen) Company Limited Lost account information recovery method and associated apparatus and system
CN104579667B (en) * 2013-10-28 2020-04-28 腾讯科技(深圳)有限公司 Account password management method, related device and system
US20150161611A1 (en) * 2013-12-10 2015-06-11 Sas Institute Inc. Systems and Methods for Self-Similarity Measure
US10096067B1 (en) 2014-01-24 2018-10-09 Allstate Insurance Company Reward system related to a vehicle-to-vehicle communication system
US9390451B1 (en) 2014-01-24 2016-07-12 Allstate Insurance Company Insurance system related to a vehicle-to-vehicle communication system
US9355423B1 (en) 2014-01-24 2016-05-31 Allstate Insurance Company Reward system related to a vehicle-to-vehicle communication system
US10783587B1 (en) 2014-02-19 2020-09-22 Allstate Insurance Company Determining a driver score based on the driver's response to autonomous features of a vehicle
US10796369B1 (en) 2014-02-19 2020-10-06 Allstate Insurance Company Determining a property of an insurance policy based on the level of autonomy of a vehicle
US10783586B1 (en) 2014-02-19 2020-09-22 Allstate Insurance Company Determining a property of an insurance policy based on the density of vehicles
US9940676B1 (en) 2014-02-19 2018-04-10 Allstate Insurance Company Insurance system for analysis of autonomous driving
US10803525B1 (en) 2014-02-19 2020-10-13 Allstate Insurance Company Determining a property of an insurance policy based on the autonomous features of a vehicle
US20150310434A1 (en) * 2014-04-29 2015-10-29 Dennis Takchi Cheung Systems and methods for implementing authentication based on location history
CN105897811B (en) * 2015-01-26 2019-04-23 中国移动通信集团公司 A kind of method of data synchronization and device
US10231122B2 (en) 2015-04-27 2019-03-12 International Business Machines Corporation Challenge-response authentication based on internet of things information
US10475020B2 (en) 2015-05-01 2019-11-12 At&T Mobility Ii Llc Mobile device roaming status subscription
WO2016182179A1 (en) 2015-05-11 2016-11-17 Samsung Electronics Co., Ltd. User terminal apparatus and controlling method thereof
KR20160132744A (en) * 2015-05-11 2016-11-21 삼성전자주식회사 User terminal apparatus and control method thereof
US10216914B2 (en) 2015-08-18 2019-02-26 Richard James Hallock System, method, and apparatus for personal identification
US11102648B2 (en) 2015-08-18 2021-08-24 Proteqsit Llc System, method, and apparatus for enhanced personal identification
US10037419B2 (en) 2016-07-11 2018-07-31 Richard James Hallock System, method, and apparatus for personal identification
US9798876B1 (en) 2015-08-19 2017-10-24 Symantec Corporation Systems and methods for creating security profiles
US10630723B1 (en) 2015-12-03 2020-04-21 United Services Automobile Association (Usaa) Determining policy characteristics based on route similarity
US10269075B2 (en) 2016-02-02 2019-04-23 Allstate Insurance Company Subjective route risk mapping and mitigation
EP3520361B1 (en) 2016-10-03 2022-04-06 Telepathy Labs, Inc. System and method for social engineering identification and alerting
CN107978034B (en) * 2016-10-25 2020-05-22 杭州海康威视数字技术股份有限公司 Access control method and system, controller and terminal
US10686793B2 (en) * 2017-05-31 2020-06-16 Ca, Inc. Integrated biometrics for application security
CN107770172B (en) * 2017-10-18 2020-07-21 维沃移动通信有限公司 Account information retrieving method and mobile terminal
US11032705B2 (en) * 2018-07-24 2021-06-08 Carrier Corporation System and method for authenticating user based on path location
CN112233291A (en) * 2020-09-25 2021-01-15 武汉绿色网络信息服务有限责任公司 Entrance guard using method and entrance guard device based on intelligent device track

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003036919A2 (en) * 2000-10-23 2003-05-01 Signalsoft Corp. Identifying a wireless user based on re-routing
WO2003056865A1 (en) * 2001-12-21 2003-07-10 Nokia Corporation Providing guiding service by means of a wireless terminal
US20030236818A1 (en) * 2002-06-25 2003-12-25 Bruner John D. Server-based navigation system having dynamic transmittal of route information
US20040260766A1 (en) * 2003-06-18 2004-12-23 Barros Mark A. System for location based internet access and method therefore
EP1510785A1 (en) * 2003-08-29 2005-03-02 Pioneer Corporation Navigation information providing apparatus

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5535431A (en) * 1994-04-05 1996-07-09 Grube; Gary W. Method of detecting unauthorized use of a communication unit
US5940751A (en) * 1996-06-27 1999-08-17 Cellular Technical Services Company, Inc. System and method for detection of fraud in a wireless telephone system
EP1102085A3 (en) * 1999-11-15 2004-03-10 Kokusai Electric Co., Ltd. Positioning system and calculating method in mobile communication system
US6611687B1 (en) * 1999-11-15 2003-08-26 Lucent Technologies Inc. Method and apparatus for a wireless telecommunication system that provides location-based messages
US20030158960A1 (en) * 2000-05-22 2003-08-21 Engberg Stephan J. System and method for establishing a privacy communication path
GB0012445D0 (en) * 2000-05-24 2000-07-12 Hewlett Packard Co Location-based equipment control
US6980812B1 (en) * 2000-11-09 2005-12-27 @Road, Inc. System and method for providing a handheld unit to a mobile position device
JP2002281540A (en) * 2001-03-19 2002-09-27 Hitachi Ltd Mobile terminal equipment for measuring position
US6646873B2 (en) * 2001-03-28 2003-11-11 Wistron Corporation Personal digital assistant for connecting with a communtcations module
US7974602B2 (en) * 2001-09-06 2011-07-05 Toshiba America Research Inc. Fraud detection techniques for wireless network operators
CN1124759C (en) * 2002-08-15 2003-10-15 西安西电捷通无线网络通信有限公司 Safe access method of mobile terminal to radio local area network
US8171298B2 (en) * 2002-10-30 2012-05-01 International Business Machines Corporation Methods and apparatus for dynamic user authentication using customizable context-dependent interaction across multiple verification objects
US6832153B2 (en) * 2002-11-27 2004-12-14 Mobilearia Method and apparatus for providing information pertaining to vehicles located along a predetermined travel route
US7142876B2 (en) * 2003-03-03 2006-11-28 Nokia Corporation Location dependent services
US20040243856A1 (en) * 2003-05-29 2004-12-02 Will Shatford Four factor authentication system and method
US7013365B2 (en) * 2003-06-16 2006-03-14 Michael Arnouse System of secure personal identification, information processing, and precise point of contact location and timing
CN1323538C (en) * 2003-12-12 2007-06-27 华中科技大学 A dynamic identity certification method and system
CN100450270C (en) * 2004-07-02 2009-01-07 华为技术有限公司 Legality identification method of mobile terminal user and its mobile terminal
US8023966B2 (en) * 2004-12-21 2011-09-20 Nokia Corporation Systems, devices, methods and computer program products for downloading content to mobile devices in a roaming environment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003036919A2 (en) * 2000-10-23 2003-05-01 Signalsoft Corp. Identifying a wireless user based on re-routing
WO2003056865A1 (en) * 2001-12-21 2003-07-10 Nokia Corporation Providing guiding service by means of a wireless terminal
US20030236818A1 (en) * 2002-06-25 2003-12-25 Bruner John D. Server-based navigation system having dynamic transmittal of route information
US20040260766A1 (en) * 2003-06-18 2004-12-23 Barros Mark A. System for location based internet access and method therefore
EP1510785A1 (en) * 2003-08-29 2005-03-02 Pioneer Corporation Navigation information providing apparatus

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011001026A1 (en) * 2009-06-29 2011-01-06 Elisa Oyj Authentication
EP2348438A1 (en) * 2009-12-21 2011-07-27 Intel Corporation Using trajectory for authentication
EP2953074A1 (en) * 2014-06-05 2015-12-09 Wipro Limited Method for providing real time guidance to a user and a system thereof

Also Published As

Publication number Publication date
US20080033637A1 (en) 2008-02-07
CN101496427A (en) 2009-07-29
EP2055130B1 (en) 2012-11-07
KR101392651B1 (en) 2014-05-07
EP2055130A2 (en) 2009-05-06
KR20090048487A (en) 2009-05-13
BRPI0714791A2 (en) 2013-02-19
BRPI0714791A8 (en) 2019-01-15
WO2008016746A8 (en) 2009-04-02
WO2008016746A3 (en) 2008-05-29
CN101496427B (en) 2013-06-05
US8364120B2 (en) 2013-01-29

Similar Documents

Publication Publication Date Title
US8364120B2 (en) Identity verification using location over time information
US20230134823A1 (en) Proximity-Based System for Object Tracking
US20180103341A1 (en) System for location based authentication
US10389712B2 (en) Passive security enforcement
US10776464B2 (en) System and method for adaptive application of authentication policies
KR101424321B1 (en) Location-based system permissions and adjustments at an electronic device
US20160232516A1 (en) Predictive authorization of mobile payments
JP2022513977A (en) Identity identification method, device and server for designated point approval
US20150227926A1 (en) Determining user authentication requirements based on the current location of the user in comparison to a user's travel route
WO2004079499A2 (en) System and method for verifying user identity
JP2005352710A (en) Individual authenticating device
CN101657807A (en) Be used for dynamically control to the method and system of the visit of network
US11050738B1 (en) Defined zone of authentication
CN112861082B (en) Integrated system and method for passive authentication
EP3622435B1 (en) Method and apparatus for security verification based on biometric feature
US11954188B1 (en) Systems and methods for dynamic bio-behavioral authentication
CN113204749A (en) Near field information authentication method and device based on time control
JP6077077B1 (en) Authentication apparatus, authentication method, and authentication program
KR20230101344A (en) Method and apparatus for short-distance communication access authentication without using an authentication key
KR20210038201A (en) Apparatus, system, and control method for access control

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780028797.4

Country of ref document: CN

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2007798277

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: RU

WWE Wipo information: entry into national phase

Ref document number: 1020097004375

Country of ref document: KR

ENP Entry into the national phase

Ref document number: PI0714791

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20090202